Hmm...
Thank you man pages
# man smb.conf
SECURITY = SHARE
When clients connect to a share level security
server they need not log onto the server with a
valid username and password before attempting to
connect to a shared resource (although modern
clients such as Windows 95/98 and Windows NT will
send a logon request with a username but no pass
word when talking to a security = share server).
Instead, the clients send authentication informa
tion (passwords) on a per-share basis, at the time
they attempt to connect to that share.
Note that smbd ALWAYS uses a valid UNIX user to act
on behalf of the client, even in security = share
level security.
SECURITY = USER
This is the default security setting in Samba 2.2. With
user-level security a client must first "log-on" with a
valid username and password (which can be mapped using the
username map parameter). Encrypted passwords (see the
encrypted passwords parameter) can also be used in this
security mode. Parameters such as user and guest only if
set are then applied and may change the UNIX user to use
on this connection, but only after the user has been suc
cessfully authenticated.
Note that the name of the resource being requested is not
sent to the server until after the server has successfully
authenticated the client. This is why guest shares don't
work in user level security without allowing the server to
automatically map unknown users into the guest account.
See the map to guest parameter for details on doing this.
See also the section NOTE ABOUT USERNAME/PASSWORD VALIDA
TION.
1 Replies
548 Views